Amendments to the claims, 

Listing of all claims pursuant to 37 CFR 1.121(c) 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

1 . (Original) A computer-implemented method for specifying and enforcing 
entitlements for performance of financial transactions, the method comprising: 

providing a hierarchical entitlement structure with inheritance for specifying 
entitlements for performing financial transactions; 

receiving user input for defining a plurality of entitlement groups of said 
hierarchical entitlement stmcture, wherein each entitlement group has specified 
permissions to perform financial transactions, limits on performance of said financial 
transactions, and membership of each user; 

in response to a particular user request to perform a financial transaction at 
runtime, identifying the particular user's membership in a certain entitlement group; and 

determining whether to allow the particular user to perform the financial 
transaction based on permissions and limits of said hierarchical entitlement structure 
applicable to the particular user's performance of the financial transaction. 

2. (Original) The method of claim 1, wherein said hierarchical entitlement 
structure provides that a given entitlement group inherits permissions provided to its 
parent entitlement group in said hierarchical entitlement structure. 

3. (Original) The method of claim 2, wherein said step of defining a plurality of 
entitlement groups includes restricting permissions inherited by an entitlement group 
from its parent entitlement group in said hierarchical entitlement structure. 

4. (Original) The method of claim 1, wherein said step of defining a plurality of 
entitlement groups includes defining permissions to access particular objects in a 
financial application. 

5. (Original) The method of claim 4, wherein said step of defining a plurality of 

2 



entitlement groups includes defining permissions to perform functions on said particular 
objects. 

6. (Original) The method of claim 4, wherein at least some of said particular 
objects represent bank accounts. 

7. (Original) The method of claim 1, wherein said limits comprise limitations on 
values of financial transactions to be performed. 

8. (Original) The method of claim 1, wherein said step of defining a plurality of 
entitlement groups includes defining limits comprising a selected one of per-transaction 
limits and cumulative limits over a period of time. 

9. (Original) The method of claim 1 , wherein said step of defining a plurality of 
entitlement groups includes defining permissions applying to a selected one of functions 
of a financial application and objects of a financial application. 

10. (Original) The method of claim 1, wherein said step of defining a plurality of 
entitlement groups includes defining limits applicable to individual users. 

1 1 . (Original) The method of claim 1 , wherein said step of defining a plurality of 
entitlement groups includes defining limits applicable collectively to members of an 
entitlement group. 

12. (Original) The method of claim 1, wherein said step of defining a plurality of 
entitlement groups includes defining limits applying collectively to a particular 
entitlement group and children entitlement groups of said particular entitlement group in 
said hierarchical entitlement structure. 

13. (Original) The method of claim 1, further comprising: 

tracking financial transactions performed for purposes of determining compliance 
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with limits. 



14. (Original) The method of claim 13, wherein said step of tracking financial 
transactions performed includes maintaining running total values of financial transactions 
performed in cache for improved performance. 

15. (Original) The method of claim 14, wherein said step of determining whether 
to allow the particular user to perform the financial transaction includes determining 
whether any limits have been exceeded based on the running total values and the value of 
the financial transaction requested by the particular user. 

16. (Original) The method of claim 1, fiirther comprising: 

maintaining permission information for entitlement groups in the hierarchical 
entitlement structure in cache to improve system performance. 

17. (Original) The method of claim 16, wherein said permission information is 
modeled as three-tuples representing negative permissions. 

18. (Original) The method of claim 1, wherein permissions provided to an 
entitlement group include permissions to administer a certain other entitlement group. 

19. (Original) The method of claim 18, wherein permissions to administer a 
particular entitlement group include modifying permissions of said certain other 

entitlement group. 

20. (Original) The method of claim 18, wherein said permissions to administer a 
certain other entitlement group are subject to limitations defined for the entitlement group 
having said permissions to administer. 

21. (Original) The method of claim 1, wherein permissions provided to an 
entitlement group include permissions to extend a certain other entitlement group. 



4 



22. (Original) The method of claim 21, wherein permissions to extend a certain 
other entitlement group include permissions to define a child entitlement group of said 
particular entitlement group. 

23. (Original) A computer-readable medium having processor-executable 
instructions for performing the method of claim 1 . 

24. (Original) A downloadable set of processor-executable instructions for 
performing the method of claim 1 . 
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